City: unknown
Region: unknown
Country: China
Internet Service Provider: China Mobile
Hostname: unknown
Organization: unknown
Usage Type: unknown
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '117.160.0.0 - 117.191.255.255'
% Abuse contact for '117.160.0.0 - 117.191.255.255' is 'abuse@chinamobile.com'
inetnum: 117.160.0.0 - 117.191.255.255
netname: CMNET
descr: China Mobile Communications Corporation
descr: Mobile Communications Network Operator in China
descr: Internet Service Provider in China
country: CN
org: ORG-CM1-AP
admin-c: ct74-AP
tech-c: HL1318-AP
abuse-c: AC2006-AP
status: ALLOCATED PORTABLE
remarks: service provider
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
mnt-by: APNIC-HM
mnt-lower: MAINT-CN-CMCC
mnt-routes: MAINT-CN-CMCC
mnt-irt: IRT-CHINAMOBILE-CN
last-modified: 2025-12-05T03:45:07Z
source: APNIC
irt: IRT-CHINAMOBILE-CN
address: China Mobile Communications Corporation
address: 29, Jinrong Ave., Xicheng District, Beijing, 100032
e-mail: abuse@chinamobile.com
abuse-mailbox: abuse@chinamobile.com
admin-c: CT74-AP
tech-c: CT74-AP
auth: # Filtered
remarks: abuse@chinamobile.com was validated on 2026-03-23
mnt-by: MAINT-CN-CMCC
last-modified: 2026-03-23T00:47:53Z
source: APNIC
organisation: ORG-CM1-AP
org-name: China Mobile
org-type: LIR
country: CN
address: 29, Jinrong Ave.
phone: +86-10-5268-6688
fax-no: +86-10-5261-6187
e-mail: hostmaster@chinamobile.com
mnt-ref: APNIC-HM
mnt-by: APNIC-HM
last-modified: 2023-09-05T02:14:48Z
source: APNIC
role: ABUSE CHINAMOBILECN
country: ZZ
address: China Mobile Communications Corporation
address: 29, Jinrong Ave., Xicheng District, Beijing, 100032
phone: +000000000
e-mail: abuse@chinamobile.com
admin-c: CT74-AP
tech-c: CT74-AP
nic-hdl: AC2006-AP
remarks: Generated from irt object IRT-CHINAMOBILE-CN
remarks: abuse@chinamobile.com was validated on 2026-03-23
abuse-mailbox: abuse@chinamobile.com
mnt-by: APNIC-ABUSE
last-modified: 2026-03-23T00:48:02Z
source: APNIC
role: chinamobile tech
address: 29, Jinrong Ave.,Xicheng district
address: Beijing
country: CN
phone: +86 5268 6688
fax-no: +86 5261 6187
e-mail: hostmaster@chinamobile.com
admin-c: HL1318-AP
tech-c: HL1318-AP
nic-hdl: ct74-AP
notify: hostmaster@chinamobile.com
mnt-by: MAINT-cn-cmcc
abuse-mailbox: abuse@chinamobile.com
last-modified: 2016-11-29T09:37:27Z
source: APNIC
person: haijun li
nic-hdl: HL1318-AP
e-mail: hostmaster@chinamobile.com
address: 29,Jinrong Ave, Xicheng district,beijing,100032
phone: +86 1052686688
fax-no: +86 10 52616187
country: CN
mnt-by: MAINT-CN-CMCC
abuse-mailbox: abuse@chinamobile.com
last-modified: 2016-11-29T09:38:38Z
source: APNIC
% Information related to '117.188.0.0/14AS9808'
route: 117.188.0.0/14
descr: China Mobile communications corporation
origin: AS9808
mnt-by: MAINT-CN-CMCC
last-modified: 2008-09-04T07:55:15Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.48 (WHOIS-AU5)
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.188.202.221
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27611
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;117.188.202.221. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026070300 1800 900 604800 86400
;; Query time: 8 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jul 03 14:28:20 CST 2026
;; MSG SIZE rcvd: 108
Host 221.202.188.117.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 221.202.188.117.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 113.190.55.82 | attackbots | Attempt to attack host OS, exploiting network vulnerabilities, on 28-10-2019 03:55:24. |
2019-10-28 12:39:29 |
| 125.68.57.101 | attackspam | 1433/tcp 445/tcp... [2019-08-27/10-28]16pkt,2pt.(tcp) |
2019-10-28 12:55:16 |
| 122.115.35.144 | attack | 1433/tcp 1433/tcp 1433/tcp... [2019-10-11/28]6pkt,1pt.(tcp) |
2019-10-28 12:40:27 |
| 175.211.116.230 | attackspam | 2019-10-28T04:30:08.991230abusebot-5.cloudsearch.cf sshd\[11917\]: Invalid user hp from 175.211.116.230 port 50956 |
2019-10-28 12:54:29 |
| 159.203.73.181 | attackspambots | 2019-10-28T04:51:58.944871lon01.zurich-datacenter.net sshd\[12787\]: Invalid user resu from 159.203.73.181 port 59993 2019-10-28T04:51:58.953661lon01.zurich-datacenter.net sshd\[12787\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=joinlincoln.org 2019-10-28T04:52:00.647135lon01.zurich-datacenter.net sshd\[12787\]: Failed password for invalid user resu from 159.203.73.181 port 59993 ssh2 2019-10-28T04:55:25.469072lon01.zurich-datacenter.net sshd\[12862\]: Invalid user jmpark from 159.203.73.181 port 50262 2019-10-28T04:55:25.476710lon01.zurich-datacenter.net sshd\[12862\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=joinlincoln.org ... |
2019-10-28 12:35:07 |
| 171.35.7.63 | attackbotsspam | 23/tcp 23/tcp [2019-10-19/28]2pkt |
2019-10-28 12:16:26 |
| 84.22.50.82 | attackbots | 445/tcp 445/tcp [2019-10-12/28]2pkt |
2019-10-28 12:16:01 |
| 36.74.114.9 | attackspambots | Attempt to attack host OS, exploiting network vulnerabilities, on 28-10-2019 03:55:30. |
2019-10-28 12:29:46 |
| 199.19.224.191 | attackspambots | Oct 28 03:55:29 internal-server-tf sshd\[24079\]: Invalid user vsftp from 199.19.224.191Oct 28 03:55:29 internal-server-tf sshd\[24082\]: Invalid user oracle from 199.19.224.191Oct 28 03:55:29 internal-server-tf sshd\[24077\]: Invalid user glassfish from 199.19.224.191Oct 28 03:55:29 internal-server-tf sshd\[24085\]: Invalid user http from 199.19.224.191Oct 28 03:55:29 internal-server-tf sshd\[24072\]: Invalid user tomcat from 199.19.224.191 ... |
2019-10-28 12:27:15 |
| 45.136.111.109 | attack | Oct 28 04:38:44 h2177944 kernel: \[5109705.666344\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.111.109 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=15625 PROTO=TCP SPT=56825 DPT=8590 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 28 04:49:49 h2177944 kernel: \[5110369.825228\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.111.109 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=37787 PROTO=TCP SPT=56825 DPT=2990 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 28 04:56:26 h2177944 kernel: \[5110766.870854\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.111.109 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=46546 PROTO=TCP SPT=56825 DPT=1190 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 28 05:08:30 h2177944 kernel: \[5111491.363266\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.111.109 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=12668 PROTO=TCP SPT=56825 DPT=2090 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 28 05:17:08 h2177944 kernel: \[5112008.812410\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.111.109 DST=85.214. |
2019-10-28 12:34:45 |
| 27.74.249.251 | attackbotsspam | Attempt to attack host OS, exploiting network vulnerabilities, on 28-10-2019 03:55:29. |
2019-10-28 12:30:13 |
| 1.203.115.64 | attackspam | Oct 27 18:27:43 sachi sshd\[6920\]: Invalid user kmem from 1.203.115.64 Oct 27 18:27:43 sachi sshd\[6920\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.203.115.64 Oct 27 18:27:45 sachi sshd\[6920\]: Failed password for invalid user kmem from 1.203.115.64 port 40456 ssh2 Oct 27 18:32:32 sachi sshd\[7327\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.203.115.64 user=root Oct 27 18:32:34 sachi sshd\[7327\]: Failed password for root from 1.203.115.64 port 57860 ssh2 |
2019-10-28 12:46:50 |
| 138.197.171.149 | attackspam | Oct 28 06:43:07 sauna sshd[41482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.171.149 Oct 28 06:43:08 sauna sshd[41482]: Failed password for invalid user kgw from 138.197.171.149 port 57274 ssh2 ... |
2019-10-28 12:54:52 |
| 218.206.233.198 | attack | 2019-10-28 07:30:23 dovecot_login authenticator failed for (95.216.208.141) [218.206.233.198]: 535 Incorrect authentication data (set_id=nologin) 2019-10-28 07:30:32 dovecot_login authenticator failed for (95.216.208.141) [218.206.233.198]: 535 Incorrect authentication data (set_id=joseph) 2019-10-28 07:30:50 dovecot_login authenticator failed for (95.216.208.141) [218.206.233.198]: 535 Incorrect authentication data (set_id=joseph) ... |
2019-10-28 12:45:28 |
| 113.179.72.231 | attackbotsspam | Attempt to attack host OS, exploiting network vulnerabilities, on 28-10-2019 03:55:24. |
2019-10-28 12:40:05 |